WhatsApp in fact is using NSClassFromString to get access to the private class UITextEffectsWindow ;P. However, I don't think it doing anything to get access to CoreTelephony and pull the IMEI.
Another piece of evidence for this is an article published on a website I found while searching for the API endpoints that WhatsApp is connecting to; this person pulled apart the Android client.
In this article there are a few API calls that are discussed, including v1/exist.php and v1/code.php: the former takes an argument sim=MSISDN and the latter takes both sim=MSISDN and imsi=IMSI.
However, on my device (iOS), all of the other fields are being sent (including the MCC and MNC, which you can apparently get using the public CTCallCenter API) except those sim and imsi fields.
(Note: the actual service seems to run over XMPP, and I did not bother figuring out how I'd man-in-the-middle that to figure out my password, so maybe they do something really sneaky at a later step.)
Another piece of evidence for this is an article published on a website I found while searching for the API endpoints that WhatsApp is connecting to; this person pulled apart the Android client.
http://www.mathyvanhoef.com/2012/05/whatsapp-considered-inse...
In this article there are a few API calls that are discussed, including v1/exist.php and v1/code.php: the former takes an argument sim=MSISDN and the latter takes both sim=MSISDN and imsi=IMSI.
However, on my device (iOS), all of the other fields are being sent (including the MCC and MNC, which you can apparently get using the public CTCallCenter API) except those sim and imsi fields.
(Note: the actual service seems to run over XMPP, and I did not bother figuring out how I'd man-in-the-middle that to figure out my password, so maybe they do something really sneaky at a later step.)